new-product-tracker

SUSPICIOUS. The skill's capabilities mostly match its stated purpose, and there is no direct malware or payload execution signal. The main concern is data-flow integrity: product queries and the required API key are routed through Nexscope proxy endpoints instead of official source APIs, creating an intermediary trust dependency that is only partially transparent. Overall this looks more like a legitimate but trust-expanding analytics skill than malware.